New Alerts for D-Link, Dell, NetApp, Zyxel, curl, Open vSwitch, and Linux.
D-Link
D-Link DIR-824/EE hardware contains several unauthenticated OS command injection vulnerabilities. Highest CVSSv3 score of 9.8
More info.
Dell SRM and Dell Storage Monitoring and Reporting have a security update for multiple third-party xomponent vulnerabilities. Dell rates this Critical.
More info.
Dell Streaming Data Platform remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.
OnCommand Insight is susceptible to an authentication bypass vulnerability in the Data Warehouse component. CVSSv3 score of 8.6
More info.
A DNS misconfiguration in Zyxel's NBG7510 could allow an unauthenticated attacker to perform DNS-related attacks, such as DNS tunneling or DNS amplification attacks, by using the open DNS resolver when the device is switched to the AP mode. CVSSv3 score of 5.3
More info.
curl's HSTS check could be bypassed to trick it to keep using HTTP.
More info.
Open vSwitch is subject to a denial of service, and possibly a remote code execution exploit when LLDP processing is enabled on an interface.
More info.
SUSE has updated the kernel. More info.
OpenSUSE as updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page